Entrust Wildcard SSL/TLS Certificates allow you to secure unlimited subdomains on one certificate.
Ours is the only Wildcard certificate that can also support up to 250 Subject Alternative Names (SANs)
allowing you to add other domain names and even unrelated Wildcard domains to one certificate.
The combination of flexibility and value gives system administrators the ability to easily add
subdomains without the costs or tasks involved with deploying new certificates. Plus all Entrust Wildcard SSL
certificates come with a website security bundle to find malware on your website and protect it from being blacklisted.
|Secures one domain and unlimited subdomains on one certificate|
|Unlimited Certificate Duplication, a best practice for server security|
|Revokes all duplicated certificates in a single action|
|Supports hybrid RSA/ECC deployment|
|Secures up to 250 domains ($49 each) and Wildcard domains ($490 each)|
|Easily manage name changes|
|Unlimited Server Licensing|
|Powerful management console|
|Links related certificates to simplify renewals and reissues|
|Website security bundle by Sitelock|
|Delivered by a WebTrust accredited CA|
|Certificate Signing Request (CSR)||Payment method (see below)|
|Domain registered to your organization||Business headquarters and incorporation information|
|Business phone number that can be found through a third-party directory||Backup up of your private key|
|Billing, technical, authorization and corporate authority contact details|
|1 Year*||2 Year*||3 Year*|
|Regular Pricing||$524.25 each||$456.10/year||$429.89/year||Buy Now|
|Renewal Pricing||$678 each||$590/year||$556/year||Renew Now|
|1 Year*||2 Year*||3 Year*|
|Regular Pricing||$786.75 each||$684.47/year||$645.14/year||Buy Now|
|Renewal Pricing||$1018 each||$886/year||$834/year||Renew Now|
Best Customer Service1
Entrust’s global support and verification teams have your back anywhere and everywhere
with strategic locations worldwide.
Try Entrust Wildcard Certificates and experience our consultative approach that made
Entrust the leader in customer satisfaction according to industry analysts, Frost and Sullivan2.
|Quick response and resolution is achieved with our expert technical support team|
|Enterprise customers enjoy one-on-one relationship with their account representative|
|24x5 unlimited support|
Customers rely on Entrust as a trusted business partner providing expert advice and
unmatched service and support to ensure peace of mind.
1Industry analyst, Frost and Sullivan, report “SSL/TLS Certificates Market” published September 2016
2Frost & Sullivan, “SSL/TLS Certificates Market”, published September, 2016
The difference between a Wildcard SSL certificate and other SSL/TLS certificates is that other
certificates, which are issued to a single Fully Qualified Domain Name (FQDN), (e.g., www example.com),
can only be used to secure the exact domain to which it has been issued. A Wildcard SSL certificate
is issued to a “Common Name” -- *.example.com, and a Subject Alternative Name (SAN) -- *.example.com
allowing the certificate to be used for an unlimited number of subdomains across an unlimited number
of servers. A single Wildcard SSL certificate secures one domain -- .example.com, and unlimited subdomains --
www.example.com, buy.example.com, dev.example.com, mail.example.com, etc.
Entrust Wildcard SSL Certificates can also secure multiple Wildcard SANs.
The SAN ensures that the Wildcard certificate works with or without a subdomain:
The practice of using a single certificate, such as a Wildcard Certificate, to protect multiple
servers has become more common because they’re more cost effective and provide an easier way to
manage certificates. The flexibility of managing an unlimited number of subdomains to a single
certificate is a nice advantage for system administrators who want to simplify SSL/TLS certificate
management. However, there is a substantial risk to using Wildcard certificates without employing
best practices that mitigate common vulnerabilities.
The fact that a single Wildcard certificate and its corresponding private key could be used on
multiple servers, and can also be used with the appearance of legitimacy with either a fictitious
or a fraudulent subdomain name leaves them open to vulnerabilities. Using a single Wildcard
certificate to protect multiple servers requires exporting the key-pair from one machine and
importing it into one or more other machines. This creates a security vulnerability because
the private key now exists in multiple locations. Now the value of that one private key is
much greater because it protects more resources.
This practice ultimately bypasses controls for those subscribers who rely on the certificate
approval procedure to monitor the authorization of new servers and new domains.
There are two main attacks facilitated by multi-server certificates:
|Eavesdrop: is where an attacker finds their way inside the network and gains the ability to intercept user traffic.|
|Impersonation: happens when an attacker impersonates a genuine resource within the domain. A victim is lured to a fraudulent resource in the certified domain through a phishing attack.|
Properly managed Wildcard SSL certificates can provide increased flexibility for system administrators,
but they do come with increased risk. Entrust recommends using proper safeguards when deploying Wildcard Certificates.
Download the white paper for a more detailed analysis.
|24x5 Support: Entrust digital certificate specialists are available to help you through every step of the certificate management lifecycle.|
|Quick Issuance: Entrust verification begins immediately upon certificate request, and your certificate is usually ready within 1-2 days.|
|Easy Purchase: Order online or contact an Entrust representative, 1-888-690-2424 or email@example.com.|
|Website Security Bundles: Website Security Bundles help find malware on your website and protect it from landing on search engine and email blacklists.|
|Multi-domain Capabilities: Save time and money by securing up to 250 FQDNs with a single Wildcard SSL certificate.|
|Established Browser Trust: Avoid browser error messages and prevent your customers from seeing annoying trust dialogs.|
|Improved Search Rankings: Websites protected with SSL on every page receive a more favorable search ranking in Google.|
|Unlimited Reissues: Flexible policy allows unlimited reissues when users lose passwords or re-image machines.|
|Unlimited Server Licenses: Install certificates on an unlimited number of servers.|
|Self Service Certificate Creation: Eliminates the wait for manual certificate issuance.|
|Convenient Expiry Notifications: Lessens the risk of inadvertent certificate expiration.|
|Instant Issuance: On preapproved domains.|
|SHA-2 Signing Capabilities: Get the latest encryption technology, SHA-2/2048-bit Keys | 128-256-Bit Encryption.|
|30 Day Re-issuance Guarantee|
|Entrust Site Seal a Symbol of Trustworthiness|
Flexible licensing options lets you choose the plan that works best for
your unique business environment helping you to optimize SSL certificate
management not just for added value, but to actually save money.
Entrust Datacard has been the trusted Certification Authority to not only Fortune 500® companies, but public and
private organizations of all sizes since 1999. Recognized as pioneers in developing public trust and innovators in
establishing policy, we continue to bring peace of mind by delivering the best value in digital certificates.
Entrust is recognized for its unique offerings: one-on-one support, best practices approach, flexible licensing options,
streamlined management tools, and wide-range of certificates lowering operational costs while promoting a secure sever environment.
Our customers can stay focused on their core business while providing the most secure transactional environment for online customers.
Entrust is more than a security company. We’re your partner — real people you can depend on to provide the security,
focus and trust you deserve. And while we do provide a full range of security solutions for all types of organizations,
the Entrust Datacard team has one purpose in mind – your protection. Let us help you build your identity-based security through
our comprehensive portfolio of digital certificates and services.
|Trust comes from meeting and beating your customer’s expectations. That’s why you should let your visitors know they are on a secure website with the Entrust Site Seal. Our seal makes it easy to visibly show that you have taken steps to ensure your site transactions are secure. Once you make your Entrust SSL purchase, you gain access to your individualized seal. Once you’ve posted the seal on your website, your visitors will be able to click on it and easily verify your site’s authenticity and certificate status.|